General Topics
Showing results for 
Search instead for 
Did you mean: 
General Topics


New Product mention feature

Hey everyone, We just enabled a feature on the LIVEcommunity that allows for products to be linked inside of discussions or articles.. this helps cross link information throughout the site, especially useful if you are looking for specific informatio...

jdelio by Community Team Member
  • 2 replies

Resolved! GlobalProtect, Working from Home, Prisma Access and Covid-19

To all, Just wanted to post a message about the Hot Topic right now, which is Covid-19. With all of this going around, everybody's health and safely is the utmost concern. Keeping your hands clean, washing your hands (A LOT), using hand sanitizers, a...

jdelio by Community Team Member
  • 43 replies

Resolved! NAT configuration - DMZ zone to Trust zone

I've had a total brain fade, and am unable to figure this out. Hoping you guys can help. Network topology is relatively simple. Firewall has three zones - outside, inside and DMZ - DMZ has a /25 of "real" Internet addresses on it. Outside has a /30, ...

darren.g by L4 Transporter
  • 2 replies

Tcp service report for rules

Is there a report that I can run that will show me every rule that has tcp service applied? For example let's say migration tool is not an option and I do not want to scroll through 3000 rules to manually look. Or can I can export all rules and someh...

Restrict Any Any from Security Policy

Hi There, At one of our sites we fell vicitim and have the dreaded any any security policy in place. We are trying to determine the best course of action to lock it down. Would I create tap firewall ports and span all the traffic, then create new rul...

nicford by L2 Linker
  • 4 replies

DOS protection rule

We are thinking of creating a DoS rule and I was wondering what the group thinks of this rule and what affect it would have.

jdprovine by L4 Transporter
  • 14 replies

Resolved! Content s and Apps Updates

We have two 3050 units managed by Panorama. I have two related questions: What is the difference between Apps and Contents in Dynamic Updates? If we have a support contract for the firewalls and Panorama but don't subscribe to Antivirus, Threats and ...

Moving from a single PA500 to HA pair of PA820

As the subject states we are single PA500 shop now moving to Dual PA820 in HA.What can I expect when moving to this type of setup coming from a single FW setup.Is there anything I need to look out for any "Gotchas"? So far I know I am using 5 copper ...

CTaveras by L1 Bithead
  • 15 replies

PA-3020 AutoCommit fails - commit force fails

Hey all!I have a problem with my second passive PA-3020. (7.1.7)We had a loss of power so the firewall was shutdown hard.When it's booting now, the autocommit fails.When I do a commit force, it says: "Threat database handler failed".Then I stumbled o...

MPI-AE by L4 Transporter
  • 9 replies

Resolved! Panorama import config of firewall

Hi So setup my HA cluster woo hoo. So now I have setup panoram I have gone to managed devices and added in my 2 PA from above - by serial number, I can see then, I can change context into them. I went to each PA and add in the FQDN for the panoram in...

Outbound decryption and PAN-OS 8.0.2

we recently upgraded from PAN-OS 7.1.10 to 8.0.2 and some (but not all) websites are no longer decrypting For instance, gmail doesn't decrypt anymore and we have a rule that allowed that application. Since that traffic isn't decrypted, it comes up as...

Resolved! Consuming mind meld feeds on Firewall

Hi, I have minemeld running on Azure and it processes and creates feeds as I would expect and can view them in a browser. The only change from the inital Azure build I have done is to install my own go-daddy SSL cert so out the box browsers will trus...

Resolved! Failed to Fetch Packages

Getting error while executiing sudo apt-get update && sudo apt-get install -y minemeld rsyslog-minemeld rsyslog-mmnormalize Error Failed to Fetch 403 Forbidden [I...

hsoni by L1 Bithead
  • 5 replies

Resolved! GP Access Routes

Is there any way to negate adding a prefix to the GP Access Routes? We have an app that we don't want to change the communication path when a machine connects with GP. So if it was accessing this app through an external method it should remain that w...